Chegg discloses the third data breach in the last two years

The American education technology firm Chegg discloses a security breach, it already sent notifications to its employees

The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees.

The data breach notification sent on April 28 inform the employee of a security breach that impacted some of their personal information.

Based in Santa Clara, Chegg provides digital and physical textbook rentals, online tutoring, and other student services to over three million subscribers.

The data breach was discovered on April 10, 2020, threat actors could have stolen the information of both current and former employees. The personal information that may have been stolen by the attackers included employees’ names and social security numbers.

“On April 10, 2020, we learned that, on or about April 9, 2020, an outside hacker may have illegally obtained employee information for approximately 700 current and former U.S. Chegg employees,” reads the notice of data breach published on the California Attorney General’s website.

“An investigation was immediately commenced, a leading third-party forensic firm was retained to assist, and we notified law enforcement. We believe that your information may have been obtained, which is why you are receiving this notice.”

Chegg notified local authorities and is investigating the incident with the help of a third-party forensic firm.

The company is offering impacted employees free credit monitoring and identity theft protection services provided by Experian. It is also taking steps to further reinforce safeguards in place prior to the
incident.

At the time there are no technical details about the attack, it is not clear if the incident is related to two data breaches that the company reported over the past years.

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Chegg, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.